Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-10-17 CVE-2018-3155 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser).
network
low complexity
oracle netapp microsoft canonical
4.0
2018-10-17 CVE-2018-3149 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI).
network
high complexity
oracle redhat debian canonical hp
5.1
2018-10-17 CVE-2018-3144 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). 4.3
2018-10-17 CVE-2018-3143 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical debian mariadb
4.0
2018-10-17 CVE-2018-3133 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser).
network
low complexity
oracle netapp canonical debian mariadb
4.0
2018-10-16 CVE-2018-10839 Stack-based Buffer Overflow vulnerability in multiple products
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue.
network
low complexity
qemu canonical debian CWE-121
6.5
2018-10-15 CVE-2017-5934 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2018-10-15 CVE-2018-15378 Out-of-bounds Read vulnerability in multiple products
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition.
4.3
2018-10-15 CVE-2018-18073 Information Exposure vulnerability in multiple products
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
local
low complexity
artifex debian canonical redhat CWE-200
6.3
2018-10-15 CVE-2018-18310 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174.
4.3